Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/fBWNstKWQg8rJjplq1thRKe9jYg.roa
File: fBWNstKWQg8rJjplq1thRKe9jYg.roa (raw, json)
Hash identifier: 2nW60baQOEUuMh/DADqvmTFqL8SrEKwrZY3pebXlrgA=
Subject key identifier: 7C:15:8D:B2:D2:96:42:0F:2B:26:3A:65:AB:5B:61:44:A7:BD:8D:88
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0194228E484CA4B30CFFB8E6621CE49A09F7
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/fBWNstKWQg8rJjplq1thRKe9jYg.roa
Signing time: Wed 01 Jan 2025 15:48:57 +0000
ROA not before: Wed 01 Jan 2025 15:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214024
IP address blocks: 85.115.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 31 Mar 2025 06:36:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:48:4c:a4:b3:0c:ff:b8:e6:62:1c:e4:9a:09:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jan 1 15:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c158db2d296420f2b263a65ab5b6144a7bd8d88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:76:d1:78:db:5e:d3:7c:cf:fa:4a:28:ad:04:
aa:16:75:da:80:6c:2c:0a:49:8c:bb:38:51:72:54:
66:8e:e8:80:10:e4:8b:0f:e6:03:c7:d3:6e:90:c2:
33:ce:98:d4:13:bb:69:66:b0:db:1c:4a:2f:3d:8f:
62:92:97:3d:71:5a:61:6a:33:ad:5a:14:63:e1:f0:
e4:b4:c1:a3:11:73:c0:1c:d3:e4:67:7c:bb:10:fe:
48:d7:cb:cc:cc:13:29:42:93:c7:74:34:4d:de:87:
83:86:6e:10:2f:55:c9:60:e6:b9:0a:9f:3e:47:59:
fc:aa:ab:b5:60:97:2d:77:17:4d:0b:5b:95:8f:e8:
ce:05:f7:16:12:11:b2:ba:93:f7:7b:f2:07:f5:8f:
9e:64:8c:86:77:1d:d7:88:4b:d9:94:eb:10:d1:22:
5f:a1:53:2b:b2:20:37:e1:2d:85:2a:f6:cb:72:5b:
68:8c:29:d7:c5:36:57:10:5f:9e:38:aa:8c:2e:6f:
e6:01:9d:40:43:fd:2b:94:66:29:8c:7a:b7:1a:36:
ba:fa:4d:54:51:ee:ec:f8:96:30:3c:0c:3d:e2:85:
7c:82:dc:30:40:0d:bd:e6:8d:52:0f:ec:77:ec:17:
a4:fa:7f:e5:67:5e:1d:dc:fc:ee:fa:47:dc:0b:33:
7f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:15:8D:B2:D2:96:42:0F:2B:26:3A:65:AB:5B:61:44:A7:BD:8D:88
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/fBWNstKWQg8rJjplq1thRKe9jYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.211.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:6d:19:5c:98:96:7f:f5:e2:83:c6:4c:e7:00:68:e4:a6:96:
8e:c2:05:07:ef:c3:86:b6:17:ef:01:32:86:fc:e3:1e:c2:5a:
e6:60:b0:7d:ef:e9:44:6e:8d:41:ef:c6:6c:17:58:7b:ef:4a:
34:40:27:92:25:48:f7:c3:b5:f5:ae:cd:1a:c7:5a:e8:34:e6:
40:f3:04:18:64:72:10:da:96:73:99:13:b4:9c:e5:62:e7:5e:
e1:55:8a:5a:1e:ca:de:71:0a:7e:74:12:c7:36:54:0b:40:f0:
f1:d2:ad:9e:9f:97:8a:88:86:33:d2:4c:02:52:37:94:ad:1d:
bf:69:25:49:2f:2e:71:4c:f8:6a:aa:68:74:a6:06:dc:2e:8d:
d3:5e:6e:dc:a5:3a:ed:15:7d:45:52:e1:e3:8d:2f:73:97:ad:
d3:49:25:bb:ad:76:0e:51:67:c8:8a:2a:b2:25:f8:ed:29:ae:
76:d2:75:1e:d2:45:a2:0b:4e:2f:dd:7d:ba:fd:41:bc:ba:9b:
8d:7f:ea:d9:9c:8a:fc:f4:d7:ac:97:50:89:9c:37:5b:e3:ab:
b1:85:f3:e0:e7:95:f1:ab:78:cc:3c:ff:80:60:a6:9a:4b:71:
d0:50:bb:25:fe:b9:2a:a5:5c:a2:76:c9:c2:94:73:a9:8e:b4:
c0:71:58:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijkhMpLMM/7jmYhzkmgn3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjUwMTAxMTU0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzE1OGRiMmQyOTY0MjBmMmIyNjNhNjVhYjViNjE0NGE3YmQ4ZDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXbReNte03zP+koorQSqFnXagGws
CkmMuzhRclRmjuiAEOSLD+YDx9NukMIzzpjUE7tpZrDbHEovPY9ikpc9cVphajOt
WhRj4fDktMGjEXPAHNPkZ3y7EP5I18vMzBMpQpPHdDRN3oeDhm4QL1XJYOa5Cp8+
R1n8qqu1YJctdxdNC1uVj+jOBfcWEhGyupP3e/IH9Y+eZIyGdx3XiEvZlOsQ0SJf
oVMrsiA34S2FKvbLcltojCnXxTZXEF+eOKqMLm/mAZ1AQ/0rlGYpjHq3Gja6+k1U
Ue7s+JYwPAw94oV8gtwwQA295o1SD+x37Bek+n/lZ14d3Pzu+kfcCzN/ywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHwVjbLSlkIPKyY6ZatbYUSnvY2IMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvZkJXTnN0S1dRZzhySmpwbHExdGhSS2U5allnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVXPTMA0G
CSqGSIb3DQEBCwUAA4IBAQCkbRlcmJZ/9eKDxkznAGjkppaOwgUH78OGthfvATKG
/OMewlrmYLB97+lEbo1B78ZsF1h770o0QCeSJUj3w7X1rs0ax1roNOZA8wQYZHIQ
2pZzmRO0nOVi517hVYpaHsrecQp+dBLHNlQLQPDx0q2en5eKiIYz0kwCUjeUrR2/
aSVJLy5xTPhqqmh0pgbcLo3TXm7cpTrtFX1FUuHjjS9zl63TSSW7rXYOUWfIiiqy
JfjtKa520nUe0kWiC04v3X26/UG8upuNf+rZnIr89Nesl1CJnDdb46uxhfPg55Xx
q3jMPP+AYKaaS3HQULsl/rkqpVyidsnClHOpjrTAcVhq
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:27:26 2025 by rpki-client